WDRB reports:
A data breach at the University of Kentucky exposed the email addresses of more than 355,000 students and teachers nationwide.
The database that was breached did not contain any financial, health or social security information, according to a news release.
It was part of the Digital Driver’s License database that is used by schools and colleges in Kentucky and other states.
Read more on WDRB. The report doesn’t say how this happened, and the notice on the university’s web site isn’t much more helpful, as it only says:
An annual cybersecurity inspection by the University of Kentucky recently revealed vulnerability in a server associated with a College of Education database.
As part of the response to the situation, the university writes that:
The server in question will be repaired and be taken into UK’s centralized computing and server system.
Read more on the university’s site, here.
Update: Catalin Cimpanu has details as to what happeneded, here.